This free event is open to all participants with an interest in application security. Registration is [http://www.regonline.com/Register/Checkin.aspx?EventID=1065199 required] http://www.regonline.com/Register/Checkin.aspx?EventID=1065199

+

This free event is open to all participants with an interest in application security. <br>

In this talk we will look at HTML5 from an attackers view-point. Because not only does HTML5 bring us Semantic web, editable content, inbuilt form validation, local storage, awesome video support and the long overdue death of <div> - it also opens up a host of new opportunities for attackers.

In this talk we will look at HTML5 from an attackers view-point. Because not only does HTML5 bring us Semantic web, editable content, inbuilt form validation, local storage, awesome video support and the long overdue death of <div> - it also opens up a host of new opportunities for attackers.

−

<br>

We'll look at some of the troublesome new attacks that this new HTML5 standard introduces, how attackers can leverage these attacks to cause untold havoc on your machine, and how - with a little bit of help from some not so over-complicated Javascript - we can build Botnets in your Browser!

We'll look at some of the troublesome new attacks that this new HTML5 standard introduces, how attackers can leverage these attacks to cause untold havoc on your machine, and how - with a little bit of help from some not so over-complicated Javascript - we can build Botnets in your Browser!

'''Abstract:''' This presentation will introduce the audience to mod_security Web Application Firewall. Several practical cases on timely mitigation of various security risks using mod_security will be presented.

'''Abstract:''' This presentation will introduce the audience to mod_security Web Application Firewall. Several practical cases on timely mitigation of various security risks using mod_security will be presented.

Latest revision as of 15:59, 8 February 2012

OWASP Ireland-Limerick

Welcome to the Ireland-Limerick chapter homepage. Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

For ISACA and (ISC)² members: This event qualifies for free CPE credits/hours.

AGENDA

Title:OWASP Limerick - introduction, objectives, meeting agenda

19:00 - 19:50Title:HTML5 - A Whole New Attack Vector - presented by Robert McArdle
Abstract: HTML5 opens up a wide and wonderful new world for Web Designers to explore - bringing fantastic new features that were previously only possible via Flash or horribly over-complicated Javascript. And HTML5 is not a future technology - chances are your favourite browser already has excellent support built in (unless you are still using IE).

In this talk we will look at HTML5 from an attackers view-point. Because not only does HTML5 bring us Semantic web, editable content, inbuilt form validation, local storage, awesome video support and the long overdue death of

- it also opens up a host of new opportunities for attackers.

We'll look at some of the troublesome new attacks that this new HTML5 standard introduces, how attackers can leverage these attacks to cause untold havoc on your machine, and how - with a little bit of help from some not so over-complicated Javascript - we can build Botnets in your Browser!
Presenter: Robert is currently working as the manager of Trend Micro's Advanced Threat Research team in Europe, where he is involved in analyzing the latest malware threats, specializing in researching the future threat landscape and criminal underground. Robert is a regular presenter for the press and at security conferences. He has also written and lectures an MSc module in Malware Analysis at Cork IT and UCD, and is a trainer for several SANS qualifications. A graduate of Trinity and DCU he holds several qualifications from SANS and serves on the SANS advisory board.

19:55 - 20:10Title: TBA
Abstract: TBA
Presenter: TBA

20:05 - 20:45Title:Practical Defense with mod_security WAF - presented by Marian Ventuneac
Abstract: This presentation will introduce the audience to mod_security Web Application Firewall. Several practical cases on timely mitigation of various security risks using mod_security will be presented.
Presenter:Marian Ventuneac

OWASP Limerick Chapter Raffle: Two sponsored software development/information security books will be available for this event.